C.A. Goldberg’s case against Grindr featured in the latest edition of the Penn State Law Review.
We wanted to share J.D. candidate Kira M Geary’s paper entitled “Section 230 of the Communications Decency Act, Product Liability, and a Proposal for Preventing Dating-App Harassment” because it’s a fascinating indictment on why Section 230 should not shield Interactive Computer Services (ICSs) from liability when they fail to enact widely available safeguards to protect consumers from abuse and violence.
In her paper, Geary explains why product liability claims like Herrick’s should be permitted as a remedy for injuries resulting from poorly designed or poorly manufactured software that fails to protect users from foreseeable harm, and argues that Congress should amend Section 230 to allow product liability suits to be brought against ICSs.
She starts by laying out the facts of the case, which you may be familiar with: Herrick repeatedly sought Grindr’s help in ending a harassment campaign but after more than 100 complaints, a cease-and-desist letter, and a temporary court injunction, Grindr refused to take any action.
So, in 2017 we filed suit against Grindr on Herrick’s behalf, alleging that the app was liable under all three major types of product liability claim: defective product design, manufacture, and warning, among other claims.
As Geary lays out:
- Grindr’s app was a defective product because its software was easily exploited and lacked the ability to identify and exclude abusive users when safeguards to prevent this danger were available for Grindr to implement
- Grindr failed to warn users that its app could be “weaponized and used to impersonate and abuse”
- A warning that alerted app users of the potential for abuse would have prevented Herrick from downloading the app, thereby preventing his injuries
Per the lawsuit, we believe Grindr had a duty to warn users that its app could be “used to impersonate and abuse,” and “that users can be geographically pinpointed, . . . that the features on the interface to report abusive accounts are merely decorative, and . . . that they shun the basic technology widely used in their industry to prevent or stop known abuse.”
Geary gives some fascinating insight in to the historical context of product liability law, “The origins of product liability can be traced to the late-nineteenth century, when the new technology of the Industrial Revolution created “an accident crisis like none the world had ever seen,” she explains. “As the “ever-increasing capacity of institutions to harm in mass quantities was becoming evident,”* courts acknowledged that laws should hold the manufacturers of dangerous products accountable when those manufacturers fail to provide basic protections for consumers. In 1916, the New York Court of Appeals first held in MacPherson v. Buick Motor Co. that manufacturers could be liable for placing a dangerous instrumentality into the stream of commerce when the damage caused by the instrumentality was foreseeable.”
Sound familiar, Grindr?
As the ever-increasing capacity of digital institutions to harm in mass quantities has become evident, why won’t courts acknowledge that laws should hold the manufacturers of dangerous digital products accountable when those manufacturers fail to provide basic protections for consumers?
If they had this figured out way back in 1916, why are we still arguing about it?
The answer lies in the 26 little words that make up Section 230 of the Communications Decency Act. Or, more accurately, how the courts have inflated, bloated, and twisted those 26 little words to represent near-total civil immunity for the most wealthy, omniscient, and powerful industry the world has even seen.
Geary recalls how, time and again, courts dismissed Herrick’s valid claims without considering their merit, simply because there was an alleged/supposed/tangential relation to the CDA230.
Read more: WTF is the CDA230
The courts were in fact so blinded by the CDA230 that both the Southern District of New York and Second Circuit dismissed Herrick’s claims against Grindr based solely on the fact that it is an online platform.
As Geary states, “the courts did not analyze Herrick’s product liability claims. Neither court determined whether Grindr’s geolocation technology reasonably could have been made safer for consumers by comparing the safety of Grindr’s technology with safeguards used by its competitors. The courts also did not consider whether Grindr’s current technology was designed in a way that put its users at significant risk of harassment and abuse; nor did the courts consider whether Grindr failed to warn its customers of a known risk. These questions were left unanswered because of the courts’ choice to immunize Grindr using Section 230 and, as a result, Grindr has no incentive to improve its software to better protect its consumers from harm.”
What’s more, she explains, both Herrick opinions completely ignore the explicit intentions of those who actually created and implemented the CDA230—to limit the spread of obscene and criminal content. This is an important point which reminds us just how far we have strayed from the policy’s original intention (thanks to lobbyists, shills, and Big Tech bullies greasing the wheels) – the CDA230 was never meant to be like this.
“The Herrick opinions demonstrate the judicially created vacuum that allows ICSs to shirk their duties to protect consumers solely because the product that they put into the marketplace is an online platform on which users communicate with each other,” Geary explains. She quotes Chief Judge Kozinski of the Ninth Circuit Court of Appeals conclusion that “the Communications Decency Act was not meant to create a lawless no-man’s land on the Internet.”
She continues, “Most courts’ current interpretation of Section 230, however, has manifested just that—an environment in which massive online companies, whose businesses have little to do with free expression, may claim Section 230’s protections and act with little regard to the risks their products pose to consumers.”
As we have said so many times before – if tech companies are outside of the reach of our courts, we should all be terrified as f**k. But this moment is an opportunity – maybe the last one we will collectively get – to do the right thing.
Geary explores a few of the paths towards reform, from the criminalization of non-consensual pornography on the federal level to including a ‘reasonable steps’ clause in the CDA230 wording, but suggests that the most pressing matter is to clarify which causes of action Section 230 was intended to include. She argues that lawmakers should incentivize ICSs to provide stronger consumer protections by making amendments that exclude product liability suits from Section 230’s protections, and clarify that 230 does not prevent ICSs from incurring liability when an alleged injury was the result of a defect in the design or manufacture of their software.
As Geary concludes: “Limiting the scope of Section 230’s immunity is crucial to hold massive, internet-based companies liable for their failures to adequately protect their consumers. Allowing plaintiffs to bring product liability suits against these companies would incentivize innovation and protect consumers, while keeping Section 230’s protections for internet speech intact.”
You can read Kira M. Geary’s paper here.
*John Fabian Witt, Toward a New History of American Accident Law: Classical Tort Law and the Cooperative First-Party Insurance Movement, 114 HARV. L. REV. 690, 694 (2001).